Thursday, 27 June 2013

How to configure NetApp vFilers in a DMZ Context for VMware SRM 5

In this following post, we walk through the steps to
setup DMZ vFilers and SnapMirror replication to work with VMware Site Recovery Manager
5. We will set up the vfilers vfiler_lon_dmz in the production site, and
vfiler_frk_dmz in the DR Site. Remember, vFiler DR is not supported as an SRM
array pairing (both arrays need to be online!)

The below diagram gives an idea of the vfiler_lon_dmz IP configuration
at Site A (since this was run in a lab environment, the option to use VLANs was
not available - which would not be the case in real life - and so we use
dedicated interfaces)!

Image: vfiler_lon_dmz
IP Addressing

The DMZ network is not route-able but presented to the
ESX hosts.

We will have two volumes to be replicated - v_lon_dmz_vol1 and v_lon_dmz_vol2 - by SnapMirror for SRM.

A listing of the systems that will make up
this lab:

Site A (London)

LONDMC01 - Domain Controller

LONNTP01 - NetApp Sim 8.1.2

+ with vfiler_lon_dmz

LONVCS01 - vCenter Server & SRM & VSC

LONESX01 - ESXi Host

Site B (Frankfurt)

FRKDMC01 - Domain Controller

FRKNTP01 - NetApp Sim 8.1.2

+ with vfiler_frk_dmz

FRKVCS01 - vCenter Server & SRM & VSC

FRKESX01 - ESXi Host

A listing of the IP addresses used on the storage:

Site A (London)

10.0.1.25 Mgmt (e0a)

10.0.1.31Vfiler Mgmt (e0b)

192.168.101.31Vfiler DMZ (e0c)

10.1.0.31Vfiler Replication (e0d)

Site B (Frankfurt)

10.0.2.25Mgmt (e0a)

10.0.2.31Vfiler Mgmt (e0b)

192.168.102.31Vfiler DMZ (e0c)

10.2.0.31Vfiler Replication (e0d)

Note: The choice of
London and Frankfurt here is completely arbitrary and has no relation to any
real-world production environment!

PART 1: Configuring
dmz vfiler on LONNTP01

## Licensing
multistore and enabling

license add MULTISTORE_CODE

options
licensed_feature.multistore.enable on

## Downing interfaces
for the dmz_vfiler after removing any assigned IPs

Note: It is very
important to remember that re-running vfiler setup will rewrite the
/etc/exports, /etc/hosts, /etc/hosts.equiv, /etc/nsswitch.conf, and
/etc/resolv.conf files - if you already had any of these setup, the contents
must be restored from the .bak files!

PART 2: Configuring
dmz vfiler on FRKNTP01

## Licensing
multistore and enabling

license add MULTISTORE_CODE

options
licensed_feature.multistore.enable on

## Downing
interfaces for the dmz_vfiler after removing any assigned IPs

Note 2: If this is
for NFS datastores and you’re getting problems, double-check your exports file
is configured correctly - for instance, if you are mounting a Qtree to VMware,
be sure the Qtree is referenced in the exports file. An example is below: